In Business Continuity Management (BCM), defining minimum resource requirements during a disaster is essential to ensure that critical business functions can continue at an acceptable level.
ISO 22301 requires organisations to identify the minimum staffing, technology, facilities, and support resources required to achieve the Minimum Business Continuity Objectives (MBCO) during disruption scenarios.
For the Gambling Regulatory Authority (GRA), CBF-1 (Gambling Licensing and Approval) is a highly resource-dependent regulatory function. It requires trained personnel, secure ICT systems, communication tools, and controlled working environments to maintain licensing operations during disruptions.
Without these minimum resources, regulatory delays may occur, leading to licensing backlogs, enforcement delays, and reduced regulatory oversight.
This chapter identifies the minimum operational resources required for each Sub-CBF under CBF-1, including staffing levels, workspace capacity, IT equipment, communication tools, and other essential resources required to sustain continuity during a disaster.
Table S3: Minimum Resources Required During a Disaster for CBF-1
|
Sub-CBF Code |
Sub-CBF |
Recovery Location |
Minimum Resource Requirements Per Function Per Recovery Location |
Number of Staff (Min Qty) |
No of Seats (Min Qty) |
No of Tel (Min Qty) |
No of PC/Laptops (Min Qty) |
Others (Pls describe and provide min qty) |
|
1-1 |
Licence Application Intake and Registration |
Alternate Worksite / DR Site |
Secure network access, licensing portal access, case intake tools |
6 |
6 |
6 |
6 |
Secure VPN tokens (6), dual-factor authentication devices (6) |
|
1-2 |
Applicant Eligibility Assessment |
Alternate Worksite |
Access to compliance databases, screening tools, reference systems |
5 |
5 |
5 |
5 |
Secure document access rights (5), encrypted storage access |
|
1-3 |
Regulatory Due Diligence and Screening |
Secure DR Facility |
AML/CFT systems, intelligence databases, restricted access terminals |
4 |
4 |
4 |
4 |
Secure intelligence clearance access (4), restricted network accounts |
|
1-4 |
Risk Evaluation of Applicants |
DR Analytics Environment |
Risk scoring tools, analytics dashboards, data warehouse access |
3 |
3 |
3 |
3 |
High-performance analytics access licenses (3) |
|
1-5 |
Inter-Agency Consultation and Clearance |
Government Secure Network / Remote Facility |
Secure communication channels, inter-agency messaging platforms |
4 |
4 |
4 |
4 |
Encrypted communication tools (4), secure email certificates |
|
1-6 |
Licensing Decision and Approval Workflow |
DR Command Approval Centre |
Workflow system access, digital approval tools, authentication devices |
5 |
5 |
5 |
5 |
Digital signing tokens (5), secure approval credentials |
|
1-7 |
Licence Issuance and Documentation |
DR Facility / Cloud Environment |
Document generation system, licensing platform, printing tools |
4 |
4 |
4 |
4 |
Digital certificate signing system (1), secure printer (1) |
|
1-8 |
Licence Renewal Management |
Alternate Worksite |
Licensing lifecycle system access, renewal tracking tools |
4 |
4 |
4 |
4 |
Batch processing system access (1) |
|
1-9 |
Licence Suspension and Revocation Processing |
Crisis Operations Centre |
Enforcement system access, legal workflow tools, secure terminals |
3 |
3 |
3 |
3 |
Emergency approval escalation channel (1), secure audit logging |
|
1-10 |
Change in Licence Conditions Management |
Alternate Worksite |
Regulatory change management system, document workflow tools |
3 |
3 |
3 |
3 |
Policy approval system access (1) |
|
1-11 |
Regulatory Record Keeping and Documentation |
DR Data Centre / Cloud Archive |
Records management system, archival access tools, secure storage |
2 |
2 |
2 |
2 |
Immutable storage access (1), audit trail system |
|
1-12 |
Public Register and Transparency Reporting |
DR Web Hosting Environment |
Web publishing tools, public registry system, CMS access |
2 |
2 |
2 |
2 |
Web hosting failover system (1), content publishing access |
|
1-13 |
Licence Fee Assessment and Collection Coordination |
DR Finance Processing Unit |
ERP system access, finance tools, banking interface systems |
3 |
3 |
3 |
3 |
Payment gateway access (1), financial reconciliation tools |
|
1-14 |
Compliance Linkage Review (Pre-Licensing Conditions) |
Secure Compliance Hub |
Compliance checklist tools, validation systems, secure data access |
4 |
4 |
4 |
4 |
Compliance verification portal (1), audit tools |
|
1-15 |
Emergency Licensing Decisions (Fast-Track Approvals) |
Crisis Command Centre |
Emergency approval system, offline approval tools, secure comms |
2 |
2 |
2 |
2 |
Crisis authorization tokens (2), emergency communication devices |
The minimum resource analysis for CBF-1 (Gambling Licensing and Approval) highlights the essential human, technological, and infrastructural requirements needed for the Gambling Regulatory Authority (GRA) to maintain regulatory continuity during a disaster.
Each Sub-CBF requires a carefully defined set of minimum staffing levels, ICT resources, workspace capacity, and supporting tools to ensure continuity of licensing operations at an acceptable level.
These resources directly support the achievement of Minimum Business Continuity Objectives (MBCO) and ensure that critical regulatory functions can continue even under constrained conditions.
By defining these minimum resource requirements, GRA strengthens its preparedness for disruption scenarios, ensuring that licensing, compliance, enforcement, and approval processes remain operational.
This structured approach enhances resilience, supports ISO 22301 compliance, and safeguards the continuity of Singapore’s gambling regulatory framework under adverse conditions.
| eBook 3: Starting Your BCM Implementation |
||||||
| MBCO | P&S | RAR T1 | RAR T2 | RAR T3 | BCS T1 | CBF |
| CBF-1 Gambling Licensing and Approval | ||||||
| DP | BIAQ P1 | BIAQ P2 | BIAQ P3 | BIAQ P4 | BIAQ P5 | BIAQ P6 |
| BCS T2 | BCS T3 | PD | ||||
To learn more about the course and schedule, click the buttons below for the BCM-300 Business Continuity Management Implementer [BCM-3] and the BCM-5000 Business Continuity Management Expert Implementer [BCM-5].
|
Please feel free to send us a note if you have any questions. |
||